Creating Graph For All Documents In ES

irfancnk · May 16, 2019, 1:47pm

Hi there,

In elastic-search I store a data structure like following

{ 
     "source": "192.168.0.113", 
     "destination": "108.177.127.138", 
     "timestamp":  1558011580.284477000, 
     "sent_timestamp": 1558011577.509367, 
     "time_diff": 2.77511, 
     "type": "UDP"

}

My purpose is to store network packets like TCP, UDP, SNMP etc.
Each packet has a timestamp and sent_timestamp. Is it possible to sort packets with respect to their timestamps in the X-Axis, and show the time_diff in the Y axis. If so, what is the aggregation types in the Y and X axis? Is there such a filtering for creating graphs for an attribute of document?
At the end, I need something that looks like the following.

ques

thomasneirynck · May 16, 2019, 2:09pm

@irfancnk

to show individual documents on a graph, you could use a Vega-vizualization.

this blog post might get you started https://www.timroes.de/kibana-vega-scatterplot

irfancnk · May 16, 2019, 2:26pm

That helped a lot, thank you so much

irfancnk · May 16, 2019, 2:46pm

By the way, is The Vega Visualization only way for creating graphs with individual documents?

thomasneirynck · May 16, 2019, 3:38pm

yes, broadly, but there's a few other places as well

You can show a saved-search with individual documents as a table on a dashboard. create this in Discover
the Maps-app allows you to map individual documents as well

system · June 13, 2019, 3:38pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.